From owner-FreeBSD-net-jp@jp.freebsd.org  Fri Jun 23 00:54:03 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id AAA95625;
	Fri, 23 Jun 2000 00:54:03 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from shrike.dti.ad.jp (shrike.dti.ad.jp [202.216.228.218])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id AAA95620
	for <freebsd-net-jp@jp.freebsd.org>; Fri, 23 Jun 2000 00:54:02 +0900 (JST)
	(envelope-from hideishi@ops.dti.ne.jp)
Received: from casper.sc.magisystem.net (PPP35.matsudo-ap4.dti.ne.jp [210.170.230.227]) by shrike.dti.ad.jp (8.9.3/3.7W) with ESMTP id AAA24803 for <freebsd-net-jp@jp.freebsd.org>; Fri, 23 Jun 2000 00:54:00 +0900 (JST)
Received: from rei.geofront.magisystem.net by casper.sc.magisystem.net (8.9.3/3.7W) id AAA00480; Fri, 23 Jun 2000 00:53:54 +0900 (JST)
Received: from localhost (localhost [127.0.0.1])
	by rei.geofront.magisystem.net (8.9.3/3.7W) with ESMTP id AAA00377
	for <FreeBSD-net-jp@jp.freebsd.org>; Fri, 23 Jun 2000 00:53:54 +0900 (JST)
To: FreeBSD-net-jp@jp.freebsd.org
In-Reply-To: <200006221518.AAA27018@ns1.isf.co.jp>
References: <200006190945.SAA29053@aerith.cks.canon.co.jp>
	<200006211239.AA00353@blackmarlin.osiplus.co.jp>
	<200006221518.AAA27018@ns1.isf.co.jp>
X-Mailer: Mew version 1.94.1 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Organization: S.C. MAGI-SYSTEM
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20000623005351C.hideishi@rei.geofront.magisystem.net>
Date: Fri, 23 Jun 2000 00:53:51 +0900
From: Hidenori Ishikawa <hideishi@ops.dti.ne.jp>
X-Dispatcher: imput version 20000228(IM140)
Lines: 158
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-net-jp 2646
Subject: [FreeBSD-net-jp 2646] Re: ppp =?ISO-2022-JP?B?GyRCJE5AXxsoQg==?=
 =?ISO-2022-JP?B?GyRCRGobKEI=?= 
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: hideishi@ops.dti.ne.jp

$B@P@n!w@iMUBg$G$9!#(B

From: MasaruSuzuki <msuzuki@isf.co.jp>
Subject: [FreeBSD-net-jp 2645] ppp $B$N@_Dj(B 
Date: Fri, 23 Jun 2000 00:20:43 +0900

msuzuki> ppp$B$GIaDL$K%W%m%Q%$%@$K@\B3$G$-$F$$$k?M$N@_Dj%U%!%$%k$,8+$?$$$J$!!#(B

msuzuki> /etc/ppp/ppp.conf

--------------------ppp.conf
default:
 allow users ********
 disable lqr
 deny lqr
 disable acfcomp
 deny acfcomp
 disable protocomp
 deny protocomp
 disable pred1
 deny pred1
 disable pap
 accept pap
 disable chap
 deny chap
 set filter dial 0 deny 0 0
 set filter alive 0 deny icmp
 set filter alive 1 deny tcp src eq 53
 set filter alive 2 deny udp src eq 53
 set filter alive 3 deny tcp dst eq 53
 set filter alive 4 deny udp dst eq 53
 set filter alive 5 deny udp src eq 520
 set filter alive 6 deny udp dst eq 520
 set filter alive 7 permit 0 0
 set openmode active
provider:
 set device /dev/cuaa0
 set speed 115200
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 3 \"\" AT$N1=1 OK-AT-OK \\dATDT\\T TIMEOUT 50 CONNECT"
 set phone ********
 set login
 set authname ********
 set authkey ********
 set timeout 0
## ssh
 set filter in  0  permit tcp src eq 22 estab
 set filter out 0  permit tcp dst eq 22
## ftp
 set filter in  1  permit tcp src eq 21 estab
 set filter out 1  permit tcp dst eq 21
 set filter in  2  permit tcp src eq 20 dst gt 1023
 set filter out 2  permit tcp dst eq 20
## dns
 set filter in  3  permit udp src eq 53
 set filter out 3  permit udp dst eq 53
 set filter in  4  permit tcp src eq 53
 set filter out 4  permit tcp src eq 53
## smtp
 set filter in  5  permit tcp src eq 25
 set filter out 5  permit tcp dst eq 25
## pop
 set filter in  6  permit tcp src eq 110
 set filter out 6  permit tcp dst eq 110
## http
 set filter in  7  permit 0.0.0.0/0 MYADDR tcp src eq 80
 set filter out 7  permit MYADDR 0.0.0.0/0 tcp dst eq 80
 set filter in  8  permit 0.0.0.0/0 MYADDR tcp dst eq 80
 set filter out 8  permit MYADDR 0.0.0.0/0 tcp src eq 80
## https
 set filter in  9  permit 0.0.0.0/0 MYADDR tcp src eq 443
 set filter out 9  permit MYADDR 0.0.0.0/0 tcp dst eq 443
## ping
 set filter in  10 permit icmp
 set filter out 10 permit icmp
## traceroute
 set filter in  11 permit udp dst gt 33433
 set filter out 11 permit udp dst gt 33433
## ntp
 set filter in  12 permit tcp src eq 123 dst eq 123
 set filter out 12 permit tcp src eq 123 dst eq 123
 set filter in  13 permit udp src eq 123 dst eq 123
 set filter out 13 permit udp src eq 123 dst eq 123
## whois
 set filter in  14 permit tcp src eq 43
 set filter out 14 permit tcp dst eq 43
 set filter in  15 permit udp src eq 43
 set filter out 15 permit udp dst eq 43
## cvsup
 set filter in  16 permit tcp src eq 5998
 set filter out 16 permit tcp dst eq 5998
 set filter in  17 permit tcp src eq 5999
 set filter out 17 permit tcp dst eq 5999
## archie
 set filter in  18 permit udp src eq 191
 set filter out 18 permit udp dst eq 191
## irc
 set filter in  19 permit tcp src eq 6667
 set filter out 19 permit tcp dst eq 6667
## dnetc proxy
 set filter in  20 permit tcp src eq 2064
 set filter out 20 permit tcp dst eq 2064
## nntp
 set filter in  23 permit tcp src eq 119
 set filter out 23 permit tcp dst eq 119
 set filter in  24 permit udp src eq 119
 set filter out 24 permit udp dst eq 119
## ident
 set filter in  25 permit tcp dst eq 113
 set filter out 25 permit tcp src eq 113
## local to internet
 set filter in  26 permit 0.0.0.0/0 192.168.1.0/24 tcp src gt 1023 dst gt 1023
 set filter in  27 deny   0.0.0.0/0 192.168.1.0/24 tcp src gt 6023 dst gt 6023
 set filter out 26 permit 192.168.1.0/24 0.0.0.0/0 tcp src gt 1023 dst gt 1023
 set filter out 27 deny   192.168.1.0/24 0.0.0.0/0 tcp src gt 6023 dst gt 6023
 set filter in  28 permit 0.0.0.0/0 192.168.0.0/24 tcp src gt 1023 dst gt 1023
 set filter in  29 deny   0.0.0.0/0 192.168.0.0/24 tcp src gt 6023 dst gt 6023
 set filter out 28 permit 192.168.0.0/24 0.0.0.0/0 tcp src gt 1023 dst gt 1023
 set filter out 29 deny   192.168.0.0/24 0.0.0.0/0 tcp src gt 6023 dst gt 6023
## NAT setup
 set ifaddr 192.168.1.254/0 210.159.190.217/0
 add default HISADDR
--------------------


msuzuki> /etc/ppp/ppp.linkup

--------------------ppp.linkup
provider:
 delete ALL
 add 0 0 HISADDR
--------------------


msuzuki> /etc/ppp/ppp.linkdown

--------------------ppp.linkup
provider:
 delete ALL
 add 0 0 HISADDR
--------------------


msuzuki> $B$"$?$j$N@_Dj$r$b$7NI$+$C$?$i$I$J$?$+;29M$K$5$;$F$/$@$5$$!#(B

$B$3$&$$$C$?Nc$C$F$J$+$J$+=P$F$J$$$b$N$J$s$G$9$h$M!#(B
$B;d$b=q$/$N$K6lO+$7$^$7$?!#(B

$B;29M$K$J$k$G$7$g$&$+!)(B

filter$B4X78$O<qL#$J$N$G!"L5;k$7$F$b$i$C$F$+$^$$$^$;$s!#(B

# $B$A$J$_$K!"(BTA$B$O(BNEC Aterm55$B$H$$$&5l<0!"(Bprovider$B$O(BDTI$B$G$9!#(B

    /-------------------------------------------------/
   /(^^)/           Hidenori Ishikawa                /
  / (^^)/        <hideishi@ops.dti.ne.jp>           /
 /  (^^)/ URL http://www.ops.dti.ne.jp/~hideishi/  /
/-------------------------------------------------/
